Welcome to our monthly round up of the things we’ve been up to! It’s been a busy few weeks, so here’s a look back at some of our highlights.
We started the month with a workshop on Cyber Data Breaches. Following shortly from major events including both the Sing Health and SIAS data breaches (among many others), and the official implementation of the General Data Protection Regulation (GDPR) in Europe, this was a busy session! This was followed up with a specific in-house session for one of our top tier banking clients on Cyber Security for front Relationship Managers, further demonstrating the growing need for all employees to be aware of cyber risks and how to mitigate these.
The issues around both Cyber Security and Data Protection certainly aren’t going away anytime soon; the demand is such that we’ll be running a full day session exclusively on GDPR in October, and another Cyber Security session in November.
We also ran a focused half day session on Know Your Customer (KYC) Due Diligence for an international private bank. The recent wall of news on global money laundering concerns has kept this very much front of mind, and not just for financial services firms. The same week as this session we had a packed house as we delivered a day of dedicated Anti Money Laundering training to Accountants. Whilst other topics are certainly in vogue, nothing seems to be as central an issue for so many industries as AML.
September also saw Complilearn back at one of our Private Banking clients for a follow-on session on Transforming Corporate Governance, Conduct & Culture. Certainly, this is a very ‘hot topic’, not just locally but internationally, with an ever-growing body of demand and questions relating to conduct and misconduct in various industries. With ongoing conduct related investigations progressing in several countries, as well as investigations such as the Australian Royal Commission, we expect this to be a central topic for a while to come.
The month carried on with an in-house workshop on Fraud Risk Management. This is always a nice change to deliver, as it’s one of the rarer requests we get! However, this session was for a regular client who trust us to deliver regular quality, in this case to ensure staff could complete annual CPD requirements, so one we were more than happy to deliver.
We also returned to another regular client, this time a top tier European Wealth and Investment Manager, for a CPD session on Ethical Challenges. The session was primarily focused on the challenge relationship managers do, and will increasingly, face with regards to changing technology in their industry. We were joined in the session by the Head of Wealth Management for South East Asia, showing great corporate and compliance leadership by walking the talk.
Our final engagement was delivering an AML session based on a local Notice, SFA04-N02, for the Singapore division of one of Indonesia’s leading banking groups. This isn’t the first time this request and content type will be used this year! It’s one of our favourite topics though, so happy to do many more like this.
And that’s a wrap! October started with a bang hence a slightly delayed write up and that looks set to carry on for the coming weeks. We’ll keep you posted on progress and see you in person soon!
Click here to see our upcoming sessions and Contact Us here.
Complilearn are pleased to announce that Managing Director Sam Gibbins will be speaking at a Fireside Chat during the ARiMI Risk INNOVATION Forum 2018, on 25th October.
Sam will be joined by Yeo Xi-Wei, Director of Living Theories, in a panel on “What Kind of Learning & Change is Needed to Develop Risk Aware & Ethical Leaders & Managers”. The session will be moderated by Marc Ronez, the Chief Risk Strategist, Knowledge Leader & Master Coach of the Asia Risk Management Institute (ARIMI)
The ARiMI Risk INNOVATION Forum 2018 brings together about 120 leaders and risk professionals from around Asia, creating a vibrant open forum for discussions ensuring that every conversation and meeting delivers real value for delegates.
The forum is designed to appeal to a wide audience of professionals “because risk is everyone’s business”. It will focus on Risk INNOVATION based on the critical understanding that Risk Management is by definition all about innovating and changing something about your business and/or your organization in order to nurture sustainable growth and profitability.
Therefore, the forum is organized to provide practical insights, methodologies, tools and valuable professional contacts to all executives who have to make decisions about how to run their operations, and want to ensure that existing and emerging risk issues will be managed properly to support their ability to achieve their performance targets.
Spanning across industries, this forum provides varying novel and insightful approaches, innovative risk management strategies and solutions to deal with the opportunities and challenges that decision-makers face in their organisations.
Contact us today at email@example.com
Complilearn is proud to announce we are sponsoring the Wanderers Rugby Football Club for the upcoming 2018/2019 season. Wanderers are one of Singapore’s leading sports clubs, fully committed to developing both on and off field qualities through sport, and a desire to help local communities, both home and abroad.
With these shared values, we look forward to helping the club with their continued development and seeing both on and off field success!
About Wanderers Rugby Football Club
The Singapore Wanderers has one unique attribute that all past and present members will testify to – it’s a club for life.
We are proud to have created a club atmosphere which feels like family to all our members, creating a home away from home where everyone can enjoy the sport they love.
Singapore Wanderers RFC was created in 1995 by a small group of local rugby enthusiasts keen to create a different club culture. From our first of many games kicking off in 1996, the club developed into one of Singapore’s leading sporting and social networks with an "open door" to players from all backgrounds and with all levels of experience in the game.
We have had considerable success in the local rugby scene during our short history including back-to-back Guinness Premiership wins in 2009 and 2010, winning the Championship League and Finals in 2012 and 2013. The Prems team pushed on with this success to dominate the league winning the Premiership league and Grand Final 4 years running from 2012-2016.
About Complilearn Pte Ltd
Complilearn is a specialist compliance learning, training, and consulting organisation.
Focused on providing advanced, tailored content, specific to organisations, jurisdictions, and employee job roles, we work globally to provide best in class development for staff, from introductory awareness level and refresher training, through to Certified residential courses for compliance practitioners.
Contact Us: firstname.lastname@example.org
This week Complilearn attended the RHT Academy Asia Fraud, Anti-Corruption & Investigations Conference in Singapore, where we were involved with several sessions.
The event crossed across multiple industries, providing interesting viewpoints from participants who have business interaction with a very broad range of jurisdictions and legal/regulatory requirements.
Complilearn was involved in several areas throughout the day, with Managing Director Sam Gibbins Chairing the event on behalf of RHT Academy. We also hosted a panel session on Beneficial Ownership related to KYC concerns and challenges for institutions. This provided not only some fascinating viewpoints form the panellists, who came from industry organisations and consulting practices, as well as from the audience. As if to highlight the challenge posed, audience questions asked didn’t always lead to a single answer or outcome even when audience members added their thoughts and opinions based on extensive work in this area. This proved, to any, the difficulties and complexities of trying to get a satisfactory outcome in this complex area of business.
Later in the afternoon Sam presented a session on Building a Customised Compliance Training Program. This, of course, is a core area of work for Complilearn, and even though it had been a long day, we had lots of audience engagement and interaction! Building on themes which had been presented throughout the day, we were able to tie together key themes related to legal and regulatory requirements, fraud and corruption challenges, and the essential element of ethical and cultural leadership, to give attendees and idea of how to look more effectively at learning from the compliance perspective.
The event was hugely successful not only for the perspective of information sharing, learning, and generating ideas for better compliance, but also for networking. Attendees spent a lot of time making new connections, including with us!
We were delighted to be involved with this event and are already looking forward to next year’s conference!
Welcome to our monthly round up of the things we’ve been up to! It’s been a busy few weeks, so busy in fact we have added in some of the things we did in July. Here’s a look back at some of our highlights.
In July Complilearn delivered a pair of CPD workshops for a tier 1 US Investment Bank in both Hong Kong and Singapore. The content, for Relationship Managers, was focused on some of the ethical dilemmas they will face as technological changes become more prevalent across industry. In August we carried out further training for this group of staff, centred on Data Protection, covering local legal and regulatory principles, and how to put this into context for ‘best practice’ to be applied by front line staff.
These sessions garnered very positive feedback, so Complilearn will be back with the same client in mid-September for full day workshops on KYC and Cyber Risk. We’ll let you know how they go in our next wrap!
We also presented a session on Transforming Corporate Governance, Conduct & Culture for a European private banking client. Given the changing nature of regulation with a view on conduct, culture, and accountability regimes, this was an eye-opening session for many attendees. The local CEO led from the front in questions and participation, which is always great to see, and helped make it a truly entertaining workshop! Complilearn will be running another session for this client in mid-September.
Keeping things moving, and somewhat different, Complilearn delivered a compliance presentation as part of the NSK Oceania Philosophy Day in Singapore. Not only is it great to work with new clients, but crossing cultures to work with a Japanese firm, as well as stepping into a new industry sector, is always a great learning experience.
August also saw Complilearn back in Zimbabwe to deliver a Certified Compliance course. These 5-day, Certified programs are building very strong traction in Africa and the Middle East, and there are 3 more scheduled for 2018. This was the first CCP delivered after the recent political shift, and tensions were clearly still running high. This didn’t stop the attendees from working hard, and saw plenty of opportunity for learning, networking, and sharing experiences. A very fun week as always.
Above: the lighter side of life in Harare, Zimbabwe.
In the past week we have delivered a full day Ethics CPD workshop for a local subsidiary of a Malaysian banking group, as well as an Anti-Corruption workshop for the Institute of Singapore Chartered Accountants (ISCA).
Our banking clients enjoyed learning about Ethical Decision Making, so much so that in the workshop they requested their Managers and Directors to take the same course! Only time will tell how that might play out…
Our ISCA Anti-Corruption workshop saw a record 40 participants, and had some very interesting, lively, and heated debates given recent corruption related news in Singapore. There is a clear, almost visible shift in attitude in Singapore with regards to corruption; clearly people feel it has been ingrained, culturally, that Singaporeans do not pay bribes, whilst at the same time recognising that some prestigious local companies have been doing exactly that. We look forward to hearing how some of our attendees fare in applying the organisational measures they developed in one our activities.
And that’s a wrap! September is another packed month, so we’ll keep you posted on progress and hopefully see some of you out and about at one of our workshops or events.
Click here to see our upcoming sessions.
This is now a (nearly) three-decade old statement of intent, and logic would rightly dictate that a measure of success here would have seen a dwindling of cases. Both key elements of the statement focus on the preventive elements in the case against financial crime, but as evidenced by recent news (too much to stuff into one article!), there are no shortage of money laundering related events occurring.
...“there has been minimal effort at evaluation of how well any AML intervention does in achieving its goals”.
AML Assessment and Effectiveness
A pair of articles from this year by Dr Ron Pol got some limited media coverage, but are, in our opinion, of essential reading for any compliance, AML, or Financial Crime practitioners. Usefully, these journal articles have now been made free until the end of September by the publisher, Emerald Insights. Kudos to them for working to advance this conversation.
Building on a seminal research article from Halliday, Levi, and Reuter, which focused on assessing the assessments under the third round of Mutual Evaluation Reports (MER3), Dr Pol took this further when analysing the idea of effectiveness as an ‘outcome’ based on the updated FATF Methodology for assessing technical compliance (for the fourth round of Mutual Evaluations, MER4) from 2013 (revised early in 2018).
In “Anti-money laundering effectiveness: assessing outcomes or ticking boxes?”, Dr Pol found that the FATF “Effectiveness” methodology does not yet fully reflect an “outcome-oriented model as it purports”. Part of this hinges on the method by which FATF have determined, and described, outcomes, as opposed to ‘Outputs’, which give a very different view if what and where ‘Effectiveness’ may come in. A second element builds on the previous research from Halliday et al (2014) that “in the third round of AML/CFT evaluations (before the fourth round ‘effectiveness’ criteria), FATF failed to demonstrate that objectives were more likely to be reached by compliance with FATF Standards”.
Evidence based analyses of assessments from both the third and fourth round of Mutual Evaluations thus seems to provide no evidence that ‘effectiveness’ has been improved, and therefore that we are not closer to the ‘prevention’ of money laundering over time.
Does the System Work?
One of the most frequent questions regarding Anti Money Laundering to be asked by both individuals and organisations, globally, is whether “the system is working”. Of course, this is an almost impossible question to answer, depending on what one views as the ‘system’, and how one evaluates something as ‘working’, or being of potential benefit.
Talking to practitioners often gives a slightly more nuanced point of view. It is not uncommon to hear someone who specialises in this area say something along the lines of “it doesn’t matter, if we fulfil our regulatory requirements’. Whilst there is some truth in this (from a purely black/white operational perspective), it misses the wider point that if all we are doing is ticking the legal and regulatory box, how are we moving any closer to fulfilment of the initial FATF mandate to “prevent” money laundering? What if, fundamentally, the overall global policy framework is not fit for purpose?
Measuring impact of policy is challenging. Challenging, however, does not mean we should not try. In a follow up research article, Dr Pol looks at metrics for success with regards to enforcement of Anti Money Laundering policy globally. The somewhat (and purposely) provocatively titled “Uncomfortable truths? ML=BS and AML= BS2” looks at interdiction rates (the proportion of criminal funds seized or forfeited) across a range of jurisdictions including the UK, Canada, Australia the EU, and New Zealand.
Across the board interdiction rates are abysmally low, indicating a lack of success in enforcing the ‘Anti’ in AML. Dr Pol finds that “only about 0.2% of criminal funds laundered annually is seized by authorities, compared with more than 20% of the globally produced illicit opiates […] and more than 40% of the cocaine”. As far back as 2011 the UN Office on Drugs and Crime (UNODC) asked “whether money launderers really are so much smarter than drug traffickers, or whether there is something wrong with the existing control system”.
Is there enough Data?
Another recent paper from Levi, Reuter and Halliday once again asks the questions of evaluation without better data. As stated in the opening of their paper, ‘Can the AML system be evaluated without better data’, “there has been minimal effort at evaluation of how well any AML intervention does in achieving its goals”.
This is a fascinating point to consider; in nearly all lines of work and business, decision on policy direction, strategy, and intended outcomes, are made with data at hand. Yet when it comes to global Anti Money Laundering, the researchers “find that data are relatively unimportant in policy development and implementation”.
We are in a situation where there is:
It is almost inevitable that the organisations charged with applying Anti Money Laundering policy, when it comes to ‘on the ground’ work, rely on a tick box approach to compliance, when there is such limited discussion or analysis of outcomes effectiveness. It is, or should, be clear to all that the current system and policy framework clearly is not working as intended. This is not to say it is for lack of effort, but that we need to have a fresh think about how, in a fundamental sense, we work to truly ‘prevent’ money laundering.
Avenues for wrongdoing will only grow as technology develops and the world becomes more intertwined. It is time to think about how we do what we do, why we do it, and who, in those years to come, will be at the forefront of this cultural and leadership challenge.
In developed markets such as Europe, the US, Australia, HK and Singapore, KYC and DD have been commonplace for several years. In jurisdictions that have a developing approach to compliance, these ideas are significantly newer, and so current approaches are still more foundational. Providers must therefore be cognisant of providing solutions that are a solid fit for the market as it currently stands and for development in the following years. It is of limited use to turn around to clients who have only been ‘doing’ compliance for a few years, and have strained resources, to promote a range of solutions which do not solve any of their current problems.
A key outcome of the discussion was the focus on RegTech being Trust as a Service. In an earlier side conversation with some participants, Complilearn was described as ‘Training as a Service’, and, coupled with ‘Trust as a Service’, provides an interesting take on what has been traditionally viewed as a Client/Vendor model.
The idea of providing the Service based on the model of Trust certainly seems more in line with most RegTech companies approach of building long lasting relationships, and not focusing on transactional sales. The question now is whether this idea will take off whilst dealing with the myriad other challenges faced by providers.
As ‘Service’ providers become more attuned to their client needs, hopefully the level of Trust placed in them will increase. Recent cases of RegTech adoption certainly seem to indicate that there is a solid basis for this relationship, with excellent results based on industry adoption, enabling significantly improved outcomes. Long may it continue.
Finnolux have provided a write up of the event which is available here, and details of the other events in the series can be found here.
If you would like a copy of the Complilearn presentation, please contact us at email@example.com
"“In times gone by, compliance was seen as a backwater.
Now the job of ensuring financial institutions play by the rules is rapidly growing in importance, driven by the tsunami of regulatory initiatives and substantial fines that followed the financial crisis of 2007-09.”
This is true even on an anecdotal level, but, increasingly, research and data back up the statements regarding the growth, and subsequent importance, of compliance as a profession. In days gone by, compliance was a ‘job’, to be done as an intermediary option before moving into a more rewarding, and longer serving, career.
This view is changing and doing so rapidly. Not only are people more likely to join compliance as a professional career move, with firms helping this progress through the establishment of ‘Compliance Academies’ and career planning for staff. Compliance practitioners are also more likely to be well remunerated and to enjoy their job, things that, even a decade ago, would perhaps not have been viewed the same way.
A new report from BarkerGilmore, nicely summarised by Global Legal Post, investigates some of the questions around both satisfaction and remuneration of compliance professionals. In general, remuneration has continued to increase over recent years. Of course, the risk(s) involved in areas of regulatory work have also increased, along with the pressure to perform. This ties in to the adage regarding higher risk, higher reward.
However, it isn’t just that pay has gone up. Levels of satisfaction appear to be on the rise too. Of course, not every sector is the same, and it’s clear some of shine has rubbed off sectors such as financial services. This is noticeable across the industry in numerous countries, and not just in compliance.
As compliance, not only as a function but as a professional are of work, becomes better recognised, so too do compliance practitioners get a higher level of independence, accountability, and reward for doing a job well done. The industry still needs to move away from considering a compliance job well done to mean ‘we didn’t get fined’, but the strides are at least moving in the right direction.
There are still issues, of course. These are not confined to compliance, but the gaps between male/female pay are still unacceptably large.
"In terms of gender, on average female compliance professionals earn 72 per cent of their male counterpart’s earnings. The gap is largest at the chief compliance officer level, where females earn only 65 per cent of the total compensation that their male counterparts earn."
This will, and indeed must, change as time progresses. There is no reason pay should be different for people doing the same job, and there are plenty of excellent female compliance practitioners.
Reports like this offer good, positive news for the compliance professional, and the practitioners who fill it. Hopefully in years to come this trend will continue, as the industry grows, and companies continue to see the business benefit of a strong, accountable, independent, compliance function.
Predicting the future is a notoriously difficult exercise. For this, and other reasons, regulators in general have always tried to avoid doing so, aiming to avoid both missed opportunities and, in hindsight, glaringly obvious deficiencies.
Ignoring this and keeping with a pattern of very different, somewhat unusual, but always enlightening speeches, Monetary Authority of Singapore MD Ravi Menon decided to step all the way into 2028 for his latest delivery.
Containing some interesting hypotheticals, some (possibly uncomfortable) truths, and what seems to be a very cloudy crystal ball, his speech at the Symposium on Asian Banking and Finance is worth a read in full.
So, what did he say?
Some of the topics covered in the section on the Global Financial Crisis (GFC) are not so much peering into the future as using already established doctrine. This doesn’t make them any less valid, but the three time periods highlighted by D Menon are strikingly like those outlined in the General Model of Regulatory Development, first outlined in a book focused on compliance in Singapore from 2015.
‘The Compliance Revolution’, by Professor David Jackman, gave us a remarkably useful model with hot to analyse and view not only regulatory development, but also compliance development.
The story told by MD Menon starts at the end of the GFC, in what Jackman refers to as the ‘Crisis’ phase. The tart of the era of hyperregulation, greater coverage of ‘too big to fail’ banks, increased regulatory and compliance resource, and a significant upsurge in volume and frequency of fines, are all evident in this phase, and continue into ‘Expansion’.
MD Menon outlines an era of ‘Regulatory Evaluation and Adjustment’, something Jackman most closely equates to ‘Sustainability’. This is, of course, a more ideal situation for both regulators and the regulatory community.
Certain highlights here stand out, for example the passing, almost fleeting, nod to Trade Finance. This is something that has been referenced repeatedly in recent years, by industry bodies, the industry, and regulators, but without ever having been linked to a real, solid solution.
In the MD Menon hypothesis, we are between 2017-2020, and trade finance has a so far ’sub-optimal social outcome’. Whilst this is undoubtedly true, what is the proposed regulatory solution? Here we have, apparently, a look back from 10 years in the future, but no reference to how this issue gets anywhere close to improving, which feels like a missed opportunity.
The final section, an ‘Era of Enhanced Regulatory Supervision’, mirrors very closely the Jackman ‘Outcomes-Led’ end goal. A more efficient, cost-based approach to regulation, with a strong focus on the beneficial outcomes of regulation and compliance, which is a real shift away from the current input driven model.
I think MD Menon should be applauded for explicitly referencing this idea. There is a strong focus here on Conduct Risk & Culture, although this would seem to be far too late (from 2021) to be getting around to this job. MAS themselves have released a paper on Individual Accountability this year, following on from the UK SMCR, HK MIC and BEAR in Australia.
One line that was of concern is:
Supervisors began to use data analytics, sentiment assessments, and the tools of behavioural psychology to gain insights on the culture and conduct in financial institutions. These insights served as inputs to supervisory assessments of the risk culture in financial institutions and, where necessary, pre-emptive interventions.
A ‘pre-emptive’ intervention certainly sounds a lot like Minority Report.
Of course, no good regulatory speech would be complete these days without some focus on technology, but, once again, some of the coverage feels dated. And this speech is not due to take place for another decade.
The hypothetical ‘Global Cyber Crisis’ of 2023 certainly sounds terrible, with US $45 billion stolen from 500 banks. However even a cursory scan of news tells us this is already happening and hasn’t just started.
Crypto Exchanges have been hacked to the tune of billions (or ‘lost’ currency), as have central banks. The Bangladesh Bank Heist took place in 2016, for an attempted USD $1 billion. USD $45 billion is a lot of money, no doubt. It is also lower than the amount of fines paid by the top 20 banks in 2016, which according to the Conduct Costs Projects, was over USD $63 billion.
MD Menon then goes on to say:
It was ironic that in an industry where there were detailed internationally accepted standards for capital, liquidity, and a range of prudential norms, there were no standards for cyber risk management.
Much like an Alanis Morrissette song, this isn’t ironic. If this did eventuate, there would be no irony to share around, but an awful lot of blame. Cyber breaches of vast scale have been happening for several years, so it is incumbent on regulators, including MAS to come up with suitable guidelines and standards.
To their credit MAS have announce they are planning to review cyber standards for banks. The industry absolutely should, and must, do a lot more. Most major financial institutions still have, at best, a very rudimentary view of cyber risk and security.
To finish we must go back to the start. Crystal ball gazing is fraught with peril. A lot of the themes addressed appear, on the surface, to be radical predictions for the next decade. In most cases, they are not.
This doesn’t detract from their value, not to mention the good sense from MAS, and MD Menon, to highlight these for the industry to consider. The progressive timeline of regulatory developments (The General Model) has been discussed for some time – Complilearn have used this as a core element of learning materials for over three years.
Likewise, the rising elements and issues around Fintech and Cyber Risk haven’t just come to light. The North Korean hacking group known as Lazarus have been operating as far back as 2009. And as for Conduct Risk, the FCA and ASIC have outlined their ideas going back a few years.
In summary, this is a very entertaining speech, and a very interesting, not to mention useful, set of ideas to think about. But, if you work in regulation or compliance, and this speech was the first time you thought about or came across these concepts, then the next ten years might be even tougher for you than even MD Menon imagines.